63% of SMBs increased security spending, but more than half still experienced breaches

Ransomware, phishing, and data breaches top IT security managers' list of concerns this year, according to a new report from Cyren and Osterman Research.

Video: Simple steps to cyber-safetyAnthony Grieco, Senior Director and Trust Strategy Officer at Cisco's Security and Trust Organization, shares two simple things every company should do to improve cybersecurity.

SMB security spending is rising, but confidence in the ability to avoid breaches remains low, according to a new report from Cyren and Osterman Research, released Monday.

Some 63% of SMB IT managers said they increased security spending in the past year, by an average of 27%, the report found. However, less than half of these IT professionals said they were confident that they can prevent data breaches and protect against threats.

IT managers are most concerned by threats of ransomware (62%), phishing (61%), and data breaches (54%).

IT security budgets grew 17% over the past year—on top of a 21% increase reported last year, the report found. However, 68% of IT managers suffered one or more serious security breaches, with 29% reporting a successful phishing attack, and 18% reporting a successful ransomware attack.

Respondents generally reported a low number of dedicated IT security staff members available to deal with security issues: Some 52% of organizations surveyed had two or fewer security staff members. For companies with 100-500 employees, that number grew to 80%.

The popularity of cloud-based security is also rising, the report found, as 29% of IT managers expressed a "strong preference" for cloud-based security—up from 21% last year. Meanwhile, 32% of respondents said they preferred on-premises solutions.

In terms of desired capabilities in new security solutions, IT managers ranked security effectiveness the highest (85%), followed by speed of defenses applied to new threats (74%). Trailing behind were reporting, user experience, management ease, and cost.

The report surveyed 109 business IT and security managers from organizations with between 100 and 3,000 employees, across a variety of industries.

"Year over year, we are seeing dramatic increases in SMB spending for cybersecurity, yet little movement in the confidence levels surrounding their purchases," said Michael Osterman, principal analyst at Osterman Research, in a press release. "Exacerbating this disconnect between perceived protection and cost, SMBs have few, if any, IT staff dedicated to cybersecurity. Thus, we see a steady uptick in demand for cloud-based security solutions that rely on the diligence and expertise of the vendor instead of company employees."

Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.

63% of SMB IT managers increased security spending in the past year, by an average of 27%. -Cyren and Osterman Research, 2017

IT managers are most concerned by threats of ransomware (62%), phishing (61%), and data breaches (54%) -Cyren and Osterman Research, 2017

68% of IT managers suffered one or more serious security breaches in the past, with 29% reporting a successful phishing attack, and 18% reporting a successful ransomware attack. -Cyren and Osterman Research, 2017

Image: iStockphoto/KrulUA

Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays